4 releases

0.2.1 Feb 7, 2021
0.2.0 Feb 7, 2021
0.1.1 Feb 4, 2021
0.1.0 Feb 4, 2021

#1570 in Cryptography


Used in actix-web-detached-jws-mi…

BSD-2-Clause

22KB
218 lines

Documentation crates.io

detached-jws

Encoding, decoding, signing and verification (Detached JWS)

Signing and verifying is done through the Sign and Verify traits.

Example with writer:

use openssl::pkey::PKey;
use openssl::rsa::Rsa;
use openssl::{hash::MessageDigest};
use openssl::{
    rsa::Padding,
    sign::{Signer, Verifier},
};
use serde_json::{json, Map, Value};
use std::io::{Write};
use detached_jws::{SerializeJwsWriter, DeserializeJwsWriter};

let keypair = PKey::from_rsa(Rsa::generate(2048).unwrap()).unwrap();

let mut signer = Signer::new(MessageDigest::sha256(), &keypair).unwrap();
signer.set_rsa_padding(Padding::PKCS1_PSS).unwrap();

let mut header = Map::new();
header.insert("custom".to_owned(), json!("custom_value"));

let mut writer = SerializeJwsWriter::new(Vec::new(),
       "PS256".to_owned(),
       header,
       signer).unwrap();
writer.write_all(&[0, 1, 2, 3]);
writer.write_all(&[4, 5, 6]);

let jws = writer.finish().unwrap();

let mut verifier = Verifier::new(MessageDigest::sha256(), &keypair).unwrap();
verifier.set_rsa_padding(Padding::PKCS1_PSS).unwrap();

let mut writer = DeserializeJwsWriter::new(&jws,
    |h| Some(verifier)
).unwrap();
writer.write_all(&[0, 1, 2, 3]);
writer.write_all(&[4, 5, 6]);

let verified_headers = writer.finish().unwrap();

assert_eq!(
    verified_headers.get("custom").unwrap().as_str().unwrap(),
    "custom_value"
);

Simple example:

use openssl::pkey::PKey;
use openssl::rsa::Rsa;
use openssl::{hash::MessageDigest};
use openssl::{
    rsa::Padding,
    sign::{Signer, Verifier},
};
use serde_json::{json, Map, Value};

let keypair = PKey::from_rsa(Rsa::generate(2048).unwrap()).unwrap();

let mut signer = Signer::new(MessageDigest::sha256(), &keypair).unwrap();
signer.set_rsa_padding(Padding::PKCS1_PSS).unwrap();

let mut header = Map::new();
header.insert("custom".to_owned(), json!("custom_value"));

let payload = vec![0, 1, 2, 3, 4, 5, 6];

let jws = detached_jws::serialize(
    "PS256".to_owned(),
    header,
    &mut payload.as_slice(),
    signer,
)
.unwrap();

let mut verifier = Verifier::new(MessageDigest::sha256(), &keypair).unwrap();
verifier.set_rsa_padding(Padding::PKCS1_PSS).unwrap();

let verified_headers =
    detached_jws::deserialize(&jws, &mut payload.as_slice(), verifier).unwrap();

assert_eq!(
    verified_headers.get("custom").unwrap().as_str().unwrap(),
    "custom_value"
);

Dependencies

~2.6–4MB
~86K SLoC